Units

---

Sample subject outline - Semester 2 2013

Note: Subject outlines often change before the semester begins. Below is a sample outline.

Rationale

Information security is essential to the operation of almost all forms of industry. There is a rich variety in security technologies and principles, from the standard security technologies used to protect most common systems and networks, to more specialised security technologies used in particular applications. This advanced unit provides you with theoretical and practical knowledge of the various types of vulnerabilities that exist in particular applications and environments and the security technologies and principles that can be used, either individually or in combination, to provide enhanced security.

Aims

This unit aims to provide you with specialised knowledge in security technologies and principles for particular applications and environments, and to understand the underlying vulnerabilities, issues and problems. In addition, this unit aims to give you experience in investigating and evaluating security technologies and principles in particular areas in the context of security vulnerabilities and threats.

Objectives

On successful completion of this unit, you should be able to:

1. Demonstrate knowledge of advanced security vulnerabilities, technologies and principles (GC1);
   
2. Evaluate and select appropriate security technologies for given situations (GC1, GC2, GC6);
   
3. Identify and discuss issues and problems with the implementation of specific security solutions (GC1, GC2, GC3, GC6);
   
4. Investigate the theory and use of security technologies (GC1, GC2, GC6, GC7).

Key: Graduate Capabilities
GC1 - Knowledge and Skills
GC2 - Critical and Creative Thinking
GC3 - Communication
GC4 - Lifelong Learning
GC6 - Social and Ethical Responsibility
GC7 - Leadership and Change

Content

This unit provides a solid basis for understanding various types of security technologies and the underlying issues that surround their use. Some topics may be delivered by specialist lecturers. A broad range of topics will be covered in this unit. Examples include:

• Enterprise Information Security Management;
  
• Web Application Security;
  
• Penetration Testing;
  
• Identity Management;
  
• Federated Access Management;
  
• National Authentication Frameworks;
  
• Legal issues in Information Security;
  
• Privacy and Security in e-Health
  
• Smart Card Security;
  
• PKI technologies and practice;
  
• Wireless security;
  
• AusCERT and Global Security Coordination;
  
• Critical Infrastructure Protection

Approaches to Teaching and Learning

There is a three hour lecture/practical each week. The lecture will normally finish within two hours and will typically be followed by a practical exploring a related security vulnerability or defense technology. You are expected to attend all lectures and practicals, and satisfactorily complete the assignments.
The unit coordinator will use email and the unit's Blackboard page to make announcements and post various types of information throughout the semester. It is your responsibility to access your email account and the unit's Blackboard page regularly. The unit's web page is located at http://blackboard.qut.edu.au

Assessment

Assessment for this unit consists of a set of lab reports documenting your experiences completing the practicals, supplemented by short reports on related security vulnerabilities, and a major report and presentation on a security topic of your choosing.Teaching staff will be available via email to answer your specific queries relating to this unit. Teaching staff will also be available in person by appointment.
You must demonstrate your prior attempts at understanding the topics that you are querying or intending to discuss.

Assessment name: Workbook
Description: A collection of reports documenting your experience completing the practicals including an analysis of the security vulnerabilities and technologies related to the practical. (A group practical with individual report)
Relates to objectives: 1-4
Weight: 50%
Internal or external: Internal
Group or individual: Group with Individual Component
Due date: Throughout Semester

Assessment name: Report and Presentation
Description: Investigation and report on an individual security topic. As well as a written report an oral presentation of the results will be required. A preliminary report will be required in Week 8.
Relates to objectives: 1-4
Weight: 50%
Internal or external: Internal
Group or individual: Individual
Due date: Weeks 11-13

Academic Honesty

QUT is committed to maintaining high academic standards to protect the value of its qualifications. To assist you in assuring the academic integrity of your assessment you are encouraged to make use of the support materials and services available to help you consider and check your assessment items. Important information about the university's approach to academic integrity of assessment is on your unit Blackboard site.

A breach of academic integrity is regarded as Student Misconduct and can lead to the imposition of penalties.

Resource materials

Recommended Textbook(s)
D. Basin, P. Schaller, M. Schläpfer. Applied Information Security: A Hands-on Approach. Springer, 2011. Available online via QUT subscription http://www.springerlink.com/content/978-3-642-24473-5/contents/

Reference(s):
Blackboard website

No extraordinary charges or costs are associated with the requirements for this unit.

Risk assessment statement

There is minimal health and safety risk in this unit. It is your responsibility to familiarise yourself with the Health and Safety policies and procedures applicable within campus areas.

Disclaimer - Offer of some units is subject to viability, and information in these Unit Outlines is subject to change prior to commencement of semester.

Last modified: 14-May-2012